Disrupting the network for better security and resiliency

By Tim Solms

Sep 26, 2016

Earlier this year, the Army Contracting Command (ACC) released a sources sought notice for "technologies that support operations to design, build, configure, secure, operate, maintain and sustain networks, including technologies to build in resiliency."

It's obvious that the Department of Defense is getting serious about network modernization. But are Pentagon officials ready for the necessary disruption that will bring?

To find out, let's focus on a couple of points from the ACC notice, starting with security. As cybersecurity threats continue to evolve, it's not a matter of if the next attack will happen, but when it will occur. There are more potential access points than ever before, and, thanks to the cloud, networks and data are more broadly used and available than at any previous point in DOD's history. As such, the Defense Department must assume a zero-trust posture that protects its networks from both internal and external threats.

As ACC states, resiliency is just as important as protection. No matter how well the perimeter is guarded, threats will inevitably occur, and it's imperative that the network can withstand the attack and continue to deliver the expected five nines of availability.

Government networks must be agile and automated. The static networks of old aren't built to address evolving threats and must be replaced by highly portable and distributed networks that can anticipate the next potential threat.

In short, if today's government networks are to remain secure and resilient, they must first be disrupted.

The evolution of software-defined networking

The good news is that we're well on our way. Government networks have undergone 20 years of evolution, resulting in the emergence of software-defined networking -- as disruptive a technology as we've ever seen. SDN allows administrators to take a more holistic and agile approach to security. They can automate security protocols so that networks can continue operating efficiently and reliably even in the wake of an attack. They can also monitor all potential threats, inside and outside their networks and between endpoints and cloud apps, to fortify against internal and external bad actors.

A proper approach to SDN focuses on the core attributes of policy, detection and enforcement:

Policy: Customized, centrally managed security policies should be adaptable enough to change over time to address evolving threats.

Detection: Threat intelligence can be culled from multiple sources into a single, common cloud-based feed. Administrators can then analyze this data to identify patterns and behaviors that point to abnormal activity.

Enforcement: Based on threat intelligence feeds, policies can be adapted and enforced in real time throughout an agency's entire network.

Addressing each of these attributes will lead to more secure and resilient networks, but not with traditional approaches to networking. Only automated, software-defined networks provide the ability for early threat identification and rapid response.

Needs lead to disruption

Unfortunately, despite its best efforts, the federal government has traditionally been slow to adopt disruptive technologies like SDN. It is burdened with laborious acquisition and implementation processes, taking sometimes five to six years to procure new technologies.

The big difference today is that cyberthreats to national security and the economy are mounting, and the government must act quickly in spite of budget pressures that demand security be balanced with efficiency.

Although these concerns are causing federal IT professionals to step outside of their comfort zones and truly begin exploring solutions like SDN, change will not happen overnight. Government must move from a requirements-based to a needs-based acquisition process. Agencies must invest in training, and administrators should continue to hone their skills so that they are prepared for the disruption that SDN is already beginning to cause.

Fortunately, there are precedents in other industries. Seven years ago the financial services industry went through a similar challenge, as banks required more efficient ways of doing business while adhering to very strict security requirements. Today, the world's largest financial services firms boast highly resilient networks that balance enormous efficiency with effective cybersecurity.

Even DOD can point to its own past. Back in the 1970s, the Department was concerned about the security of radio frequencies, so it encrypted radio communications. When that stopped working, the Department moved to frequency hopping. Defense postures evolved along with the threat.

It's again time to adapt to changing dynamics by deploying software-defined, highly resilient networks that are built to withstand the next attack.

About the Author

Tim Solms is vice president, U.S. Federal and managing director worldwide government at Juniper Networks.